[wp-trac] [WordPress Trac] #28300: Two issues in the code for auto-uploading to subfolders
WordPress Trac
noreply at wordpress.org
Sun May 18 17:05:27 UTC 2014
#28300: Two issues in the code for auto-uploading to subfolders
-----------------------------+-----------------------------
Reporter: wiziapp | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Upgrade/Install | Version: 3.9.1
Severity: normal | Keywords:
Focuses: |
-----------------------------+-----------------------------
There are two issues in the code for auto-uploading to subfolders within a
change rooted FTP (wp-admin/includes/class-wp-filesystem-base.php).
First, it adds a "/" to the replacement expression when the source
replacement already contains a "/" (Note that ABSPATH has a trailing
slash):
$potential_folder = preg_replace( '#^' . preg_quote( $dir, '#'
) . '/#i', trailingslashit( constant( $constant ) ), $folder );
This should be:
$potential_folder = preg_replace( '#^' . preg_quote(
trailingslashit($dir), '#' ) . '#i', trailingslashit( constant( $constant
) ), $folder );
Second, it checks that the directory exists. This is not the case during
theme and plugin installs, where the not existing directory is specified.
Instead, only the parent should be checked.
After:
if ( $this->is_dir( $potential_folder ) ) {
$this->cache[ $folder ] = $potential_folder;
return $potential_folder;
}
Adding:
else {
$potential_parent_folder =
trailingslashit(preg_replace('#[^/]*/$#', '', $potential_folder));
if ( $this->is_dir( $potential_parent_folder ) ) {
$this->cache[ $folder ] = $potential_folder;
return $potential_folder;
}
}
Would test for a valid parent, instead. (E.g. wp-content/themes instead of
wp-content/themes/newtheme)
--
Ticket URL: <https://core.trac.wordpress.org/ticket/28300>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list